Apple Patches Two Actively Exploited Vulnerabilities in macOS Ventura and Safari (CVE-2023-28205 & CVE-2023-28206)

Apple has released patches of two zero-day vulnerabilities in macOS Ventura. Apple has mentioned in the advisory that they are aware of the issues being exploited in the wild. The vulnerabilities are assigned with CVE-2023-28206 and CVE-2023-28205. Both vulnerabilities are discovered by Clément Lecigne of Google’s Threat Analysis Group and Donncha Ó Cearbhaill of Amnesty … Continue reading “Apple Patches Two Actively Exploited Vulnerabilities in macOS Ventura and Safari (CVE-2023-28205 & CVE-2023-28206)”

Apple Patches Zero-day Vulnerability in WebKit (CVE-2023-23529)

Apple has released security advisories to address a vulnerability in WebKit. The vulnerability has been assigned with the CVE-2023-23529. It affects multiple devices, including macOS, iPadOS, and iOS. Apple has mentioned in its advisory that they are aware of a report that the CVE-2023-23529 may have been actively exploited. The zero-day vulnerability might be used … Continue reading “Apple Patches Zero-day Vulnerability in WebKit (CVE-2023-23529)”

Apple releases security updates to fix severe vulnerabilities including two zero-day exploits

Apple has released a security update to address various previously exploited vulnerabilities including one exploited in the wild. The security update covers the serious security bugs in macOS and iOS/iPadOS.  The first zero-day (CVE-2022-22587) is a memory corruption flaw that a malicious app might use to run arbitrary code with kernel privileges. The vulnerability affects … Continue reading “Apple releases security updates to fix severe vulnerabilities including two zero-day exploits”

New Apple Safari 15 vulnerability allows cross-site tracking of users’ data

A software flaw in Apple Safari 15’s implementation of the IndexedDB API could be used by a malicious website to track users’ online activities and worse expose their identities.    IndexedDB is a low-level JavaScript API for maintaining NoSQL databases of structured data items such as files and blobs that are supplied by web browsers. … Continue reading “New Apple Safari 15 vulnerability allows cross-site tracking of users’ data”